Rubrik is seeking a Red Team Engineer reporting to the InfoSec Manager. As a Red Team Engineer, you are responsible for exploiting vulnerabilities and simulating real-world attack scenarios to protect Rubrik brand, customers and shareholders from cyber threats. The successful candidate will be technically savvy, customer-oriented, results-driven and passionate about security.
- Design and execute real-world attack scenarios by replicating the tactics, techniques and procedures of threat actors and highlight gaps impacting enterprise security posture and readiness
- Develop and refine exploitation techniques consistently to conduct Red Team exercises successfully
- Deliver executive technical briefings to leadership across the organization
- Deliver detailed reports of technical findings to stakeholders and assist with the development of mitigation plans
- Assist with security investigations, root-cause analysis and corrective measures as required
- Support incident responders in analyzing applicable threats, vulnerabilities, controls and residual risks
- Bachelor’s degree required; BE/BTech or MS in Computer Science, Information Technology, or related field
- 5+ years’ experience in red team, exploiting system vulnerabilities, network penetration testing, product security and/or cloud security roles
- Ability to perform targeted cyberattacks with or without the use of automated tools
- Experience in system internals (windows, linux) and cloud security (AWS, GCP)
- Strong knowledge of exploit frameworks, obfuscation/evasion techniques, firewalls, IDS/IPS and web proxies
- Demonstrated programming skills in one or more of: Python, Perl, Ruby, Java
- IT security certifications (OSCP, OSCE, GPEN, GWAPT, GXPN) is a plus
- Excellent verbal and written communication skills
Rubrik provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Rubrik complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.